Win a copy of Learn Spring Security (video course) this week in the Spring forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

java.policy setting not reflecting

 
Karthik Krishnamurthy
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am writing an web based application using applets nadn eed to contact a MYSql database.

I am getting Access Denied exception.

In my java.policy file I added the following two lines :

permission java.net.SocketPermission "127.0.0.1:3306", "accept,connect,listen,resolve";

permission java.net.SocketPermission "localhost:3306", "accept,connect,listen,resolve";

There is an extra permission line Iin addition to the PropertyPermissions) :
permission java.net.SocketPermission "localhost:1024-", "listen";
that was already there on the server.

I am still getting the following exception : Any help will be greatly appreciated since I have a demo tomorrow. (Is there anyway to confugure the java.policy or java.security file to allow the jar that contains my applet(dvt.jar) to access the underlying database.)

Thx
Karthik

Unable to connect to any hosts due to exception: java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)** BEGIN NESTED EXCEPTION ** java.security.AccessControlExceptionMESSAGE: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)STACKTRACE:java.security.AccessControlException: access denied (java.net.SocketPermission 127.0.0.1:3306 connect,resolve)at java.security.AccessControlContext.checkPermission(Unknown Source)at java.security.AccessController.checkPermission(Unknown Source)at java.lang.SecurityManager.checkPermission(Unknown Source)at java.lang.SecurityManager.checkConnect(Unknown Source)at java.net.Socket.connect(Unknown Source)at java.net.Socket.connect(Unknown Source)at java.net.Socket.<init>(Unknown Source)at java.net.Socket.<init>(Unknown Source)at com.mysql.jdbc.StandardSocketFactory.connect(StandardSocketFactory.java:124)at com.mysql.jdbc.MysqlIO.<init>(MysqlIO.java:225)at com.mysql.jdbc.Connection.createNewIO(Connection.java:1783)at com.mysql.jdbc.Connection.<init>(Connection.java:450)at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:411)at java.sql.DriverManager.getConnection(Unknown Source)at java.sql.DriverManager.getConnection(Unknown Source)at vdt.VdtModuleApplet.getConnection(VdtModuleApplet.java:444)at vdt.VdtModuleApplet.init(VdtModuleApplet.java:105)at sun.applet.AppletPanel.run(Unknown Source)at java.lang.Thread.run(Unknown Source)** END NESTED EXCEPTION ** System = Inited, gotParameters, init propertiesGetting Connection
 
Karthik Krishnamurthy
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
Is there some place I need to specify explicitly where to find this java.policy file.
Platform is UNIX.

Thx
Karthik
 
Joe Ess
Bartender
Posts: 9256
9
Linux Mac OS X Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's probably too late to mention, but using an applet to directly contact a database is a Bad Idea. First, you have to give the applet a password and user name to contact the db which compromises security. Next, applets can't contact any server other than the one they are downloaded from (as you have discovered). You can get around this restriction by digitally signing the applet. I don't think just changing the policy file would do it, but I've never tried it.
Another work-around is to use your web server to host a service which the applet uses as a proxy to access other network resources, as described in the java tutorial
BTW, you are changing the policy file on the client, right?
 
Karthik Krishnamurthy
Ranch Hand
Posts: 118
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have changed the policy file to give java.net.SocketPermission "connect,listen,resolve,accept" for "127.0.0.1:3306"

It has not made any difference to the error.

I will try adding the digital signature to the applet.

Thanks
Karthik
 
Consider Paul's rocket mass heater.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic